Sorry,
I managed to misplace my question into the existing thread.
On 9/26/14, 12:56 AM, Alexandre Levine wrote:
Hi All,
I'm looking for a way to set port_filter flag to False for port
binding. Is there a way to do this in IceHouse or in current Juno
code? I use devstack with the default ML2 plugin and configuration.
According to this guide
(http://docs.openstack.org/api/openstack-network/2.0/content/binding_ext_ports.html)
it should be done via binding:profile but it gets only recorded in the
dictionary of binding:profile and doesn't get reflected in vif_details
as supposed to.
I tried to find any code in Neutron that can potentially do this
transferring from incoming binding:profile into binding:vif_details
and found none.
I'd be very grateful if anybody can point me in the right direction.
And by the by the reason I'm trying to do this is because I want to
use one instance as NAT for another one in private subnet. As a result
of ping 8.8.8.8 from private instance to NAT instance the reply gets
Dropped by the security rule in iptables on TAP interface of NAT
instance because the source is different from the NAT instance IP. So
I suppose that port_filter is responsible for this behavior and will
remove this restriction in iptables.
Best regards,
Alex Levine
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev